Overview

URL jumintenhairstyles.blogspot.com/
IP 216.58.211.1
ASN AS15169 Google Inc.
Location United States
Report completed 2018-07-17 09:42:31 CEST
urlQuery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro
Timestamp Severity Source IP Destination IP Alert
2018-07-17 09:42:03 CEST 2 Client IP  103.224.182.246 ET INFO HTTP Request to a *.top domain


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2018-07-17 2 jumintenhairstyles.blogspot.com/ Malware
2018-07-17 2 jumintenhairstyles.blogspot.com/ Malware
2018-07-17 2 jumintenhairstyles.blogspot.com/%3C!--Can%27t%20find%20substitution%20for%2 (...) Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 216.58.211.1

Date  UQ / IDS / BL  URL  IP
2018-10-16 09:12:24 +0200  0 - 1 - 0  ninja-saga-hack-insyndicate.blogspot.ca/2011/ (...)  216.58.211.1
2018-10-16 00:30:05 +0200  0 - 1 - 0  anazhthseis.blogspot.com/2013/06/blog-post_93 (...)  216.58.211.1
2018-10-15 23:14:44 +0200  0 - 2 - 0  nasikukuskakzah.blogspot.com/2013/01/nasi-kuk (...)  216.58.211.1
2018-10-15 19:08:13 +0200  0 - 1 - 0  ninja-saga-hack-insyndicate.blogspot.com/2011 (...)  216.58.211.1
2018-10-15 12:40:40 +0200  2 - 0 - 0  aflam-uk.blogspot.com/2015/03/download-sahifa (...)  216.58.211.1
2018-10-15 06:28:35 +0200  2 - 1 - 0  katwvolta.blogspot.com/search/label/Doutzen%2 (...)  216.58.211.1
2018-10-15 06:28:12 +0200  0 - 1 - 0  asaljawa.blogspot.com/2016/02/soal-negosiasi- (...)  216.58.211.1
2018-10-15 06:11:35 +0200  0 - 1 - 0  ninja-saga-hack-insyndicate.blogspot.ca/2011/ (...)  216.58.211.1
2018-10-15 06:11:23 +0200  0 - 1 - 0  booter-center.blogspot.com/  216.58.211.1
2018-10-15 03:44:59 +0200  2 - 0 - 0  aflam-uk.blogspot.com/search/label/Windows%208.1  216.58.211.1

Last 10 reports on ASN: AS15169 Google Inc.

Date  UQ / IDS / BL  URL  IP
2018-10-16 10:07:50 +0200  0 - 1 - 0  ninja-saga-hack-insyndicate.blogspot.com/2011 (...)  172.217.20.33
2018-10-16 09:46:14 +0200  0 - 0 - 0  172.217.12.174  172.217.12.174
2018-10-16 09:40:52 +0200  0 - 0 - 0  https://kingstoneap.blogspot.com/2018/10/face (...)  216.58.207.225
2018-10-16 09:38:35 +0200  0 - 1 - 0  geamovie.blogspot.ru/  172.217.22.161
2018-10-16 09:23:50 +0200  0 - 0 - 0  ingrammicrohk.com  23.236.62.147
2018-10-16 09:12:24 +0200  0 - 1 - 0  ninja-saga-hack-insyndicate.blogspot.ca/2011/ (...)  216.58.211.1
2018-10-16 08:40:12 +0200  3 - 1 - 0  www.viralbl0g.tk/p/tentang.html  172.217.21.147
2018-10-16 08:22:11 +0200  0 - 1 - 0  ptp-cpm.blogspot.com/2012/12/huong-dan-ang-ky (...)  216.58.209.129
2018-10-16 08:20:44 +0200  0 - 1 - 0  anazhthseis.blogspot.ca/2011  216.58.209.129
2018-10-16 08:05:08 +0200  0 - 1 - 0  anazhthseis.blogspot.com/2014/04/7.html  172.217.21.129

Last 10 reports on domain: jumintenhairstyles.blogspot.com

Date  UQ / IDS / BL  URL  IP
2018-10-06 11:51:06 +0200  2 - 0 - 3  jumintenhairstyles.blogspot.com/search/label/ (...)  216.58.207.193
2018-10-06 11:42:12 +0200  2 - 1 - 3  jumintenhairstyles.blogspot.com/search/label/ (...)  216.58.207.193
2018-10-06 11:01:02 +0200  2 - 0 - 3  jumintenhairstyles.blogspot.com/search/label/ (...)  216.58.207.193
2018-10-06 04:14:29 +0200  2 - 1 - 3  jumintenhairstyles.blogspot.com/search/label/ (...)  172.217.21.161
2018-10-06 03:24:51 +0200  2 - 0 - 3  jumintenhairstyles.blogspot.com/search/label/ (...)  216.58.207.193
2018-10-06 00:29:52 +0200  2 - 0 - 3  jumintenhairstyles.blogspot.com/search/label/ (...)  216.58.211.1
2018-10-05 14:01:35 +0200  2 - 0 - 3  jumintenhairstyles.blogspot.com/search/label/ (...)  216.58.207.225
2018-10-05 12:30:12 +0200  2 - 1 - 3  jumintenhairstyles.blogspot.com/search/label/Mommy  216.58.207.193
2018-10-05 01:08:53 +0200  2 - 0 - 3  jumintenhairstyles.blogspot.com/search/label/ (...)  216.58.211.129
2018-10-02 22:44:37 +0200  2 - 0 - 3  jumintenhairstyles.blogspot.com/search/label/ (...)  216.58.211.129


JavaScript

Executed Scripts (68)


Executed Evals (0)


Executed Writes (4)

#1 JavaScript::Write (size: 122, repeated: 1) - SHA256: 0be5ebdedd7029adf64fbbcef4c136f77df63c6866cee4779b1cda4607bdd31e

                                        < img src = "<!--Can't find substitution for tag [post.thumbnailUrl]-->"
alt = "Dominican Pussy Poppin In The Projects Of DR" / >
                                    

#2 JavaScript::Write (size: 104, repeated: 1) - SHA256: 6c23565ba0e4ea1033b3d3bfdeeea3f34f6805ccaf9577dab5de7aa38efc1ceb

                                        < img src = "<!--Can't find substitution for tag [post.thumbnailUrl]-->"
alt = "Sex Party After Graduation" / >
                                    

#3 JavaScript::Write (size: 137, repeated: 2) - SHA256: 28feae5c1c9c6285471ca0d083e0f2ff1d7caa72fb47f4de829227cd1723f3d4

                                        < script type = "text/javascript"
language = "JavaScript"
src = "http://pagead2.googlesyndication.com/apps/domainpark/show_afd_ads.js" > < /script>
                                    

#4 JavaScript::Write (size: 124, repeated: 2) - SHA256: 659d6e3d096907cfa809bee1325439b097d75470543e588ce97d516753c72d69

                                        < script type = "text/javascript"
language = "JavaScript"
src = "//sedoparking.com/frmpark/ww1.apict.top/sedopark/park.js" > < /script>
                                    


HTTP Transactions (87)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: jumintenhairstyles.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         216.58.211.1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Expires: Tue, 17 Jul 2018 07:41:57 GMT
Date: Tue, 17 Jul 2018 07:41:57 GMT
Cache-Control: private, max-age=0
Last-Modified: Mon, 05 Mar 2018 20:00:55 GMT
Etag: W/"f266297e60a6f0b087b5be04bf314da6d6ddb947a8b3ad8fd8dfb43c89a4927b"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 56481
Server: GSE


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   56481
Md5:    d8020a7feab2c051cd9df2b9e0579a51
Sha1:   493f90c36eb8ab7532b4850baefafdfadc41abcf
Sha256: 939a1d4091d9a9b0986d52f87ac0356005aa965163f25f51fa3ac1beb255a2ad

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /css/graddit.css HTTP/1.1 
Host: static.graddit.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jumintenhairstyles.blogspot.com/

                                         
                                         104.28.9.76
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 17 Jul 2018 07:41:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=dcff9e2a4c7439c4a03edb3d1fb067b031531813318; expires=Wed, 17-Jul-19 07:41:58 GMT; path=/; domain=.graddit.com; HttpOnly
Last-Modified: Sat, 25 Apr 2015 17:20:22 GMT
Etag: W/"553bccd6-314b"
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 17 Jul 2018 09:41:58 GMT
Cache-Control: public, max-age=7200
Server: cloudflare
CF-RAY: 43bb11b7a1c04261-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2337
Md5:    dfa0daa25e78200e40f9571312ec9ae5
Sha1:   568ffde7fb25a6263e31bfa58df1dab40cf8833b
Sha256: 803a55513376be5fab56f6faa9eb38fb8dae0bc428867b15fd59c6c95fedf2e7
                                        
                                            GET /-wqzYVSTa638/UQrc7C0UP3I/AAAAAAAABgU/TgbAOmzXLAs/s1600/home.gif HTTP/1.1 
Host: 1.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jumintenhairstyles.blogspot.com/

                                         
                                         216.58.211.1
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Access-Control-Expose-Headers: Content-Length
Etag: "va2f"
Expires: Mon, 16 Jul 2018 18:37:22 GMT
Content-Disposition: inline;filename="home.gif"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Tue, 17 Jul 2018 07:10:10 GMT
Server: fife
Content-Length: 1157
X-XSS-Protection: 1; mode=block
Age: 1908
Cache-Control: public, max-age=86400, no-transform


--- Additional Info ---
Magic:  GIF image data, version 89a, 21 x 21
Size:   1157
Md5:    4c4d5a137d02ca4414dfe2e76084c7a0
Sha1:   f5b0e9627a211af31faeb95b74f85471c07cc8e5
Sha256: ff33e9e45ece6b5b9099f38e8e0a246865d21330f4f6300f2f9dc6498c7441d6
                                        
                                            GET /css?family=Oswald HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jumintenhairstyles.blogspot.com/

                                         
                                         172.217.20.42
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Tue, 17 Jul 2018 07:41:58 GMT
Date: Tue, 17 Jul 2018 07:41:58 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   190
Md5:    29c6cb9691eba33ad930680d66313307
Sha1:   63eb8bfc15c24ead7df44a7a8582b931a1b4be6e
Sha256: a0cf8335cad6ef633f85ab1b4ad03d637c0b33559da1ac9e8f8d5062ca975970
                                        
                                            GET /css?family=PT+Sans+Narrow HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jumintenhairstyles.blogspot.com/

                                         
                                         172.217.20.42
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Tue, 17 Jul 2018 07:41:58 GMT
Date: Tue, 17 Jul 2018 07:41:58 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   203
Md5:    acea2aa41ecccbe230cc18804fe3b1af
Sha1:   af2b2ad4bb9342f15e0ac600e58ff28820a9fecf
Sha256: ee2f59ae2193fda7285cc4f859477ffe46664d967ee287afc28225ea85987395
                                        
                                            GET /jquery-1.8.3.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jumintenhairstyles.blogspot.com/

                                         
                                         205.185.208.52
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Tue, 17 Jul 2018 07:41:58 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 96625
Last-Modified: Fri, 24 Oct 2014 00:16:07 GMT
Server: nginx
Vary: Accept-Encoding
Etag: W/"54499a47-40f49"
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
X-HW: 1531813318.dop006.sk1.t,1531813318.cds034.sk1.c


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   96625
Md5:    fc345cc666e4723a9d03b2621b12dfb1
Sha1:   a4b0d132bef1430dde86dbf1059670e3074a4439
Sha256: d80cae0232bd6ffe42be7f1559c0f25294b1d3905d1ee4268373ddc79175e320
                                        
                                            GET /jquery-2.1.1.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jumintenhairstyles.blogspot.com/

                                         
                                         205.185.208.52
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Tue, 17 Jul 2018 07:41:58 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 89265
Last-Modified: Fri, 24 Oct 2014 00:16:07 GMT
Server: nginx
Vary: Accept-Encoding
Etag: W/"54499a47-3c637"
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
X-HW: 1531813318.dop012.sk1.t,1531813318.cds035.sk1.c


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   89265
Md5:    8eda8f2e67f0b05454b9737205d2f334
Sha1:   abc4f5d34a8923bedc92cb6d455165b683636913
Sha256: d86a75d4eae0cf75d997facaa2278440804f14e9f4313f2b99ea4e6415bc0592
                                        
                                            GET /24211643151/jquery.easing.js HTTP/1.1 
Host: yourjavascript.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jumintenhairstyles.blogspot.com/

                                         
                                         80.241.212.33
HTTP/1.1 200 OK
Content-Type: text/javascript; charset: UTF-8
                                        
Server: nginx
Date: Tue, 17 Jul 2018 07:41:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2002
Md5:    a3f8e46ce0c00fb33fa44c3b4e6bc434
Sha1:   49f6cb3ccf6a6152d71740980021806b09a8a683
Sha256: 3c89e55bd35516b12dfef85c0d09c9dbedf26590a71c90f4a36e4583b5011be2
                                        
                                            GET /218437119/halamanav.js HTTP/1.1 
Host: yourjavascript.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jumintenhairstyles.blogspot.com/

                                         
                                         80.241.212.33
HTTP/1.1 200 OK
Content-Type: text/javascript; charset: UTF-8
                                        
Server: nginx
Date: Tue, 17 Jul 2018 07:41:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public


--- Additional Info ---
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 17 Jul 2018 07:41:58 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    d6e5e50e1b63c19dcb6cf5cb0c1c48f4
Sha1:   75761f2d250dd675f2177b6fadfa625be2203276
Sha256: 6f4c70053915ced6f14db8bace7978eedf7798c7c6dd50be26d097491d9a87b9
                                        
                                            POST /gsr2 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 17 Jul 2018 07:41:58 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 468
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   468
Md5:    d9d754520ae3340aa37cca6115eee05b
Sha1:   a0320372760d99c762cb2eb4b37f776625ef1b33
Sha256: 7dc8284c51c9a38dc1bf03bd28857ea5336e8f5c564eddbb1c9082ee43c93738
                                        
                                            GET /static/v1/widgets/3957297643-widget_css_bundle.css HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jumintenhairstyles.blogspot.com/

                                         
                                         216.58.211.9
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7982
Date: Fri, 13 Jul 2018 09:20:19 GMT
Expires: Sat, 13 Jul 2019 09:20:19 GMT
Last-Modified: Fri, 13 Jul 2018 05:18:55 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 339699
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   7982
Md5:    7364106946e4acaffae6dfdaaa8ebb66
Sha1:   23cd82dbe65cf26e4f64e7a1fa05138d670cde1a
Sha256: ef8130e1e1c664550a84fa92a7389d9b2517dfd998bd1d307648b511c368e755
                                        
                                            GET /dyn-css/authorization.css?targetBlogID=841889698638119486&zx=3a1cbc55-ac1a-4a01-8eca-70c99618ebca HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jumintenhairstyles.blogspot.com/

                                         
                                         216.58.211.9
HTTP/1.1 200 OK
Content-Type: text/css; charset=UTF-8
                                        
P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
Cache-Control: private, max-age=1800
Pragma: no-cache
Expires: Tue, 17 Jul 2018 07:41:58 GMT
Date: Tue, 17 Jul 2018 07:41:58 GMT
Last-Modified: Tue, 17 Jul 2018 07:41:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   21
Md5:    b9afc501fc43fbea335a2dc5d43263a1
Sha1:   7290a2dd6afbf39ecfc35b52dfb32a38fc222994
Sha256: d6e425ca7840c0ab6f26f5fc2822a47e26b4a8bbd104468a9c185bc132b8662f
                                        
                                            GET /-UzQSVqe350A/URJhGaHsGqI/AAAAAAAAB7s/UVJaEnVxtc8/s1600/body.gif HTTP/1.1 
Host: 4.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jumintenhairstyles.blogspot.com/

                                         
                                         216.58.211.1
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Access-Control-Expose-Headers: Content-Length
Etag: "va1c"
Expires: Sat, 14 Jul 2018 20:24:45 GMT
Content-Disposition: inline;filename="body.gif"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Tue, 17 Jul 2018 07:22:03 GMT
Server: fife
Content-Length: 23343
X-XSS-Protection: 1; mode=block
Age: 1195
Cache-Control: public, max-age=86400, no-transform


--- Additional Info ---
Magic:  GIF image data, version 89a, 200 x 200
Size:   23343
Md5:    6f52f16e0c8869759029f92150fac68f
Sha1:   d7171b0111ecbc51953fb6a6a0fcb639c9aacdb2
Sha256: 0ba65009d2629977348e7cc30414a518b21b8fe7f50351fcead70764219b9bb2
                                        
                                            GET /-Es4rPAZpSEA/VO-9j025emI/AAAAAAAAAA8/v0-_VsrrI3I/s930/sun%2Blogo.png HTTP/1.1 
Host: 2.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         216.58.211.1
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Access-Control-Expose-Headers: Content-Length
Etag: "v10"
Expires: Fri, 13 Jul 2018 21:01:02 GMT
Content-Disposition: inline;filename="sun logo.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Tue, 17 Jul 2018 07:22:35 GMT
Server: fife
Content-Length: 5023
X-XSS-Protection: 1; mode=block
Age: 1163
Cache-Control: public, max-age=86400, no-transform


--- Additional Info ---
Magic:  PNG image, 50 x 50, 8-bit/color RGBA, non-interlaced
Size:   5023
Md5:    274bc928779def1365610c0e51789195
Sha1:   8d1b2e05bba12b0ac52b46cfa7e37e95cd6a02b5
Sha256: 998e30a5e683847ca81cb1063fd8465f6d2dd3a0473979d830c9f73165a5ac3f
                                        
                                            GET /-IeHXc7J7dZs/URLRwVeKocI/AAAAAAAACFA/OepYPORtIII/s1600/menuh.png HTTP/1.1 
Host: 3.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jumintenhairstyles.blogspot.com/

                                         
                                         216.58.211.1
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Access-Control-Expose-Headers: Content-Length
Etag: "v850"
Expires: Sat, 14 Jul 2018 19:21:27 GMT
Content-Disposition: inline;filename="menuh.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Tue, 17 Jul 2018 07:20:29 GMT
Server: fife
Content-Length: 222
X-XSS-Protection: 1; mode=block
Age: 1289
Cache-Control: public, max-age=86400, no-transform


--- Additional Info ---
Magic:  PNG image, 5 x 60, 8-bit/color RGB, non-interlaced
Size:   222
Md5:    1d4f7c743e1c8325afcb3e3d426fdf34
Sha1:   087ec1b041c740c3e7deaf9b2cbacf4ac9b9147c
Sha256: 1ca26c244ae26b2608d9123f2dad78aae4d9e62d95e86d743d218ef91f7cfa64
                                        
                                            GET /-AIW512aa4Ms/URJ2uXZh45I/AAAAAAAAB9c/QMul0JdxpNs/s1600/outerpic.png HTTP/1.1 
Host: 3.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jumintenhairstyles.blogspot.com/

                                         
                                         216.58.211.1
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Access-Control-Expose-Headers: Content-Length
Etag: "v7d7"
Expires: Sun, 15 Jul 2018 21:22:30 GMT
Content-Disposition: inline;filename="outerpic.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Tue, 17 Jul 2018 06:55:21 GMT
Server: fife
Content-Length: 340
X-XSS-Protection: 1; mode=block
Age: 2797
Cache-Control: public, max-age=86400, no-transform


--- Additional Info ---
Magic:  PNG image, 3 x 360, 8-bit/color RGB, non-interlaced
Size:   340
Md5:    80668175cbb798c380dd6b82f67db3c3
Sha1:   938f47d35c8f01aa839fb0f292dcba9f09a0aa31
Sha256: a6aea32e729e6d2b4f39f96e813d2841148a5f03badc23ccffe304cfde547c12
                                        
                                            GET /-K4hNJ9YcB7I/URKRQe-RbaI/AAAAAAAAB_c/bGaB_wyqaoA/s1600/dotted.png HTTP/1.1 
Host: 3.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jumintenhairstyles.blogspot.com/

                                         
                                         216.58.211.1
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Access-Control-Expose-Headers: Content-Length
Etag: "v7f7"
Expires: Tue, 17 Jul 2018 20:20:13 GMT
Content-Disposition: inline;filename="dotted.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Tue, 17 Jul 2018 07:32:40 GMT
Server: fife
Content-Length: 196
X-XSS-Protection: 1; mode=block
Age: 558
Cache-Control: public, max-age=86400, no-transform


--- Additional Info ---
Magic:  PNG image, 3 x 3, 8-bit/color RGBA, non-interlaced
Size:   196
Md5:    b22e8d3271b6ef77912ce1d52e3a75e2
Sha1:   18c57d175904e093e46622cf11d40a032b5da366
Sha256: bf06b15d3e82be3040e11d303834b7102e3f2c1c737cea9b1fee4f097d537772
                                        
                                            GET /-EZyIk5avkHk/URJ9koETxtI/AAAAAAAAB9s/NNAmTygwDLo/s1600/slider-shadow.png HTTP/1.1 
Host: 2.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jumintenhairstyles.blogspot.com/

                                         
                                         216.58.211.1
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Access-Control-Expose-Headers: Content-Length
Etag: "v7db"
Expires: Tue, 17 Jul 2018 11:56:46 GMT
Content-Disposition: inline;filename="slider-shadow.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Tue, 17 Jul 2018 06:45:13 GMT
Server: fife
Content-Length: 4036
X-XSS-Protection: 1; mode=block
Age: 3405
Cache-Control: public, max-age=86400, no-transform


--- Additional Info ---
Magic:  PNG image, 920 x 37, 8-bit/color RGBA, non-interlaced
Size:   4036
Md5:    bec5985b61fbe5559ce2ab72d4341501
Sha1:   d52b4dcbfd4a3fd2bcdea91893920214929df837
Sha256: ef9930fab27bc8a2824246970d147dcb782b3fa2eba27684d4d3fa2d5b47a3ca
                                        
                                            GET /s/oswald/v16/TK3iWkUHHAIjg752GT8A.woff HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://fonts.googleapis.com/css?family=Oswald
Origin: http://jumintenhairstyles.blogspot.com

                                         
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: font/woff
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 18936
Date: Thu, 12 Jul 2018 10:26:14 GMT
Expires: Fri, 12 Jul 2019 10:26:14 GMT
Last-Modified: Tue, 07 Nov 2017 15:18:46 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 422144


--- Additional Info ---
Magic:  data
Size:   18936
Md5:    ca70f49a133f08485bd05d5cb28ef8b7
Sha1:   9029570f276ed6b7d2895ced7175f958fb6c1c5f
Sha256: a7a4038c6fbb19ba522819188aed0ff204d80e19223b1cab388a290a8d5e47fe
                                        
                                            GET / HTTP/1.1 
Host: jumintenhairstyles.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jumintenhairstyles.blogspot.com/
If-Modified-Since: Mon, 05 Mar 2018 20:00:55 GMT
If-None-Match: W/"f266297e60a6f0b087b5be04bf314da6d6ddb947a8b3ad8fd8dfb43c89a4927b"

                                         
                                         216.58.211.1
HTTP/1.1 304 Not Modified
                                        
Expires: Tue, 17 Jul 2018 07:41:58 GMT
Date: Tue, 17 Jul 2018 07:41:58 GMT
Cache-Control: private, max-age=0
Etag: W/"f266297e60a6f0b087b5be04bf314da6d6ddb947a8b3ad8fd8dfb43c89a4927b"
Server: GSE


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /_30PRmkOl4ro/Sj5HUoF2_NI/AAAAAAAARvU/Bve0hDc4814/s72-c/Long+Black+Hair.jpg HTTP/1.1 
Host: 1.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jumintenhairstyles.blogspot.com/

                                         
                                         216.58.211.1
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Etag: "v46f5"
Expires: Sun, 15 Jul 2018 16:02:27 GMT
Content-Disposition: inline;filename="Long Black Hair.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Tue, 17 Jul 2018 07:25:52 GMT
Server: fife
Content-Length: 2396
X-XSS-Protection: 1; mode=block
Age: 966
Cache-Control: public, max-age=86400, no-transform


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   2396
Md5:    3ff37c448f44c29b4fb9582992033e0b
Sha1:   2576625674b07fe0f976b917f58afe81075fa609
Sha256: 3cab710f272acf2afb5442eb55a7344f40c22c8446c79817626c7d18fbe2a77b
                                        
                                            GET /_TMGjPxCEY7U/S9bI5_SISiI/AAAAAAAAAf4/0HAM4dHwvKI/s72-c/Rihanna-Short-Side-Part.jpg HTTP/1.1 
Host: 4.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jumintenhairstyles.blogspot.com/

                                         
                                         216.58.211.1
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Etag: "v1fe"
Expires: Wed, 18 Jul 2018 07:25:52 GMT
Content-Disposition: inline;filename="Rihanna-Short-Side-Part.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Tue, 17 Jul 2018 07:25:52 GMT
Server: fife
Content-Length: 3124
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=86400, no-transform
Age: 966


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   3124
Md5:    f253b2dcd84fa9fc983879829b13487b
Sha1:   5affd962d4076b8bb9bb518a35c0277fb51751bf
Sha256: 37d32420658a72dfcc5688459ec34ad47649c87520e5cdef59211d55e31fd83f
                                        
                                            GET /_WH736tIzxNk/S_1Cc6TIdpI/AAAAAAAAFF0/FEZTKXybdEU/s72-c/0skycarla.jpg HTTP/1.1 
Host: 3.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jumintenhairstyles.blogspot.com/

                                         
                                         216.58.211.1
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Etag: "v145d"
Expires: Sun, 15 Jul 2018 16:02:27 GMT
Content-Disposition: inline;filename="0skycarla.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Tue, 17 Jul 2018 07:25:52 GMT
Server: fife
Content-Length: 4228
X-XSS-Protection: 1; mode=block
Age: 966
Cache-Control: public, max-age=86400, no-transform


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   4228
Md5:    36be60f896a54e02b6302a794791f459
Sha1:   745fb0eaab670687886f301e446640c37b1496ed
Sha256: 7c3e7dc18ee4daf29b8e127696a2e9dbb693adac4d6feaba7936c5f2db3e737c
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 17 Jul 2018 07:41:58 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    3a2fa3af02fd6a9b629aa5fc1b196e65
Sha1:   032c1546cabfad41e27a0d6b52bd258bd7ffa7f9
Sha256: 5c01fc0a174195b802a042257fa9a61c01c99731deb9b67e9fc88e73cd177f43
                                        
                                            GET /embed/781241/240_180 HTTP/1.1 
Host: www.drtuber.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jumintenhairstyles.blogspot.com/

                                         
                                         78.140.187.214
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx/1.12.2
Date: Tue, 17 Jul 2018 07:41:59 GMT
Content-Length: 185
Connection: keep-alive
Location: https://www.drtuber.com/embed/781241/240_180


--- Additional Info ---
Magic:  HTML document text
Size:   185
Md5:    cb6ffbb4043c88e63023bdbe1273e7f6
Sha1:   51ab256fee07ae97343aea50861f5b9b0214cac2
Sha256: e2085b8ac766c65a76f7e31e2ee5d257f7728465331a46ee58005fd212575348
                                        
                                            GET /embed/781554/240_180 HTTP/1.1 
Host: www.drtuber.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jumintenhairstyles.blogspot.com/

                                         
                                         78.140.187.214
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx/1.12.2
Date: Tue, 17 Jul 2018 07:41:59 GMT
Content-Length: 185
Connection: keep-alive
Location: https://www.drtuber.com/embed/781554/240_180


--- Additional Info ---
Magic:  HTML document text
Size:   185
Md5:    cb6ffbb4043c88e63023bdbe1273e7f6
Sha1:   51ab256fee07ae97343aea50861f5b9b0214cac2
Sha256: e2085b8ac766c65a76f7e31e2ee5d257f7728465331a46ee58005fd212575348
                                        
                                            GET /embed/820907/240_180 HTTP/1.1 
Host: www.drtuber.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jumintenhairstyles.blogspot.com/

                                         
                                         78.140.187.214
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx/1.12.2
Date: Tue, 17 Jul 2018 07:41:59 GMT
Content-Length: 185
Connection: keep-alive
Location: https://www.drtuber.com/embed/820907/240_180


--- Additional Info ---
Magic:  HTML document text
Size:   185
Md5:    cb6ffbb4043c88e63023bdbe1273e7f6
Sha1:   51ab256fee07ae97343aea50861f5b9b0214cac2
Sha256: e2085b8ac766c65a76f7e31e2ee5d257f7728465331a46ee58005fd212575348
                                        
                                            GET /embed/779869/240_180 HTTP/1.1 
Host: www.drtuber.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jumintenhairstyles.blogspot.com/

                                         
                                         78.140.187.214
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx/1.12.2
Date: Tue, 17 Jul 2018 07:41:59 GMT
Content-Length: 185
Connection: keep-alive
Location: https://www.drtuber.com/embed/779869/240_180


--- Additional Info ---
Magic:  HTML document text
Size:   185
Md5:    cb6ffbb4043c88e63023bdbe1273e7f6
Sha1:   51ab256fee07ae97343aea50861f5b9b0214cac2
Sha256: e2085b8ac766c65a76f7e31e2ee5d257f7728465331a46ee58005fd212575348
                                        
                                            GET /-6p_AqXL70hQ/UQWPHMObw9I/AAAAAAAABZ0/f2UWIvjFkSQ/s1600/footerli.png HTTP/1.1 
Host: 2.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jumintenhairstyles.blogspot.com/

                                         
                                         216.58.211.1
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Access-Control-Expose-Headers: Content-Length
Etag: "v59d"
Expires: Sun, 15 Jul 2018 01:11:26 GMT
Content-Disposition: inline;filename="footerli.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Tue, 17 Jul 2018 06:55:22 GMT
Server: fife
Content-Length: 223
X-XSS-Protection: 1; mode=block
Age: 2797
Cache-Control: public, max-age=86400, no-transform


--- Additional Info ---
Magic:  PNG image, 4 x 7, 8-bit/color RGBA, non-interlaced
Size:   223
Md5:    04b7dfa97e05f4622e2d9a08719a7b07
Sha1:   a15042ab03db6f3d5e822ec3de37dde74c96f920
Sha256: 3e5a716afd9759cd1759126af6e50af605f0e135fedfed0a3c39ceba7c653ffc
                                        
                                            GET /s/ptsansnarrow/v8/BngRUXNadjH0qYEzV7ab-oWlsbCGwRs.woff HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://fonts.googleapis.com/css?family=PT+Sans+Narrow
Origin: http://jumintenhairstyles.blogspot.com

                                         
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: font/woff
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 43448
Date: Fri, 13 Jul 2018 08:27:13 GMT
Expires: Sat, 13 Jul 2019 08:27:13 GMT
Last-Modified: Wed, 11 Oct 2017 18:30:35 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 342887


--- Additional Info ---
Magic:  data
Size:   43448
Md5:    60264058b23ab6faa42699a5e0035dd0
Sha1:   14b7e7a94d024e4b3720b28afdf60287ea9a58a5
Sha256: 9cf3e7ccecfc228a2914f09141df6f86084e16da0a9a29b4d38613d6598cac1a
                                        
                                            GET /img/icon18_wrench_allbkg.png HTTP/1.1 
Host: resources.blogblog.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jumintenhairstyles.blogspot.com/

                                         
                                         216.58.211.9
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Accept-Ranges: bytes
Content-Length: 475
Date: Sat, 14 Jul 2018 02:15:57 GMT
Expires: Sat, 21 Jul 2018 02:15:57 GMT
Last-Modified: Fri, 13 Jul 2018 11:17:51 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=604800
Age: 278763
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  PNG image, 18 x 18, 8-bit colormap, non-interlaced
Size:   475
Md5:    f617effe6d96c15acfea8b2e8aae551f
Sha1:   6d676af11ad2e84b620cce4d5992b657cb2d8ab6
Sha256: d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
                                        
                                            GET / HTTP/1.1 
Host: www.cebr.info
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jumintenhairstyles.blogspot.com/

                                         
                                         34.202.122.77
HTTP/1.1 301 Moved Permanently
                                        
Date: Tue, 17 Jul 2018 7:41:57 GMT
Connection: Keep-Alive
Content-Length: 0
Cache-Control: private, no-cache, no-store, max-age=0
Expires: Mon, 01 Jan 1990 0:00:00 GMT
Location: http://www.apict.top


--- Additional Info ---
                                        
                                            GET /%3C!--Can%27t%20find%20substitution%20for%20tag%20%5Bpost.thumbnailUrl%5D--%3E HTTP/1.1 
Host: jumintenhairstyles.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jumintenhairstyles.blogspot.com/

                                         
                                         216.58.211.1
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Tue, 17 Jul 2018 07:42:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 54535
Server: GSE


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   54535
Md5:    968b93648c9e9d39c0cfcdfce490d1af
Sha1:   072c499a4ac395f32670b562004f373bf01f7235
Sha256: 8d6d568bb54eaad696080aef6de84d743062a66c70286023bc1ce29c13656117

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /ajax/libs/jquery/1.6.2/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jumintenhairstyles.blogspot.com/

                                         
                                         172.217.21.170
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 32245
Date: Wed, 11 Jul 2018 23:44:59 GMT
Expires: Thu, 11 Jul 2019 23:44:59 GMT
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 460623
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   32245
Md5:    68ab59808bd9d610989e90a6a72de1c9
Sha1:   37e30026185877bbe73d9794a9b30083ae0709fe
Sha256: e730036ff9a2dea35ee12350105dca51535e909c854f51fe0e131a8292f73f6b
                                        
                                            GET / HTTP/1.1 
Host: www.cebr.info
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jumintenhairstyles.blogspot.com/

                                         
                                         34.202.122.77
HTTP/1.1 301 Moved Permanently
                                        
Date: Tue, 17 Jul 2018 7:42:02 GMT
Connection: Keep-Alive
Content-Length: 0
Cache-Control: private, no-cache, no-store, max-age=0
Expires: Mon, 01 Jan 1990 0:00:00 GMT
Location: http://www.apict.top


--- Additional Info ---
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 116
Content-Type: application/ocsp-request

                                         
                                         91.135.34.16
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Thu, 12 Jul 2018 11:06:57 GMT
Etag: 1C88F3D5A3339B61E5B34713CB2E2AF5B1D20842
X-OCSP-Responder-ID: rmdccaocsp10
Content-Length: 472
Cache-Control: public, no-transform, must-revalidate, max-age=184499
Expires: Thu, 19 Jul 2018 10:57:01 GMT
Date: Tue, 17 Jul 2018 07:42:02 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   472
Md5:    93ead333b41353eb176c1609f8a6a73c
Sha1:   1c88f3d5a3339b61e5b34713cb2e2af5b1d20842
Sha256: 8321b37bc0f622ab40212bd05f7704111eb3ba1f1dfc64858eebc374c3813f8e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.16
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Thu, 12 Jul 2018 10:51:21 GMT
Etag: D4C28A73F3EB43A34CC790DCE25ED87F4A421D6E
X-OCSP-Responder-ID: rmdccaocsp18
Content-Length: 727
Cache-Control: public, no-transform, must-revalidate, max-age=183583
Expires: Thu, 19 Jul 2018 10:41:45 GMT
Date: Tue, 17 Jul 2018 07:42:02 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   727
Md5:    6e37f9a729ba8d6648625996f196de0c
Sha1:   d4c28a73f3eb43a34cc790dce25ed87f4a421d6e
Sha256: ad91ca9ece00c0e1098281ea06ac9195bb4ee77adeb0345418e0486cce9d205a
                                        
                                            POST / HTTP/1.1 
Host: ocsp.usertrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.18
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Thu, 12 Jul 2018 10:51:21 GMT
Etag: 27551B28C14CBF2EDAEA7D6E156CE69A4E57C1CE
X-OCSP-Responder-ID: rmdccaocsp17
Content-Length: 471
Cache-Control: public, no-transform, must-revalidate, max-age=183554
Expires: Thu, 19 Jul 2018 10:41:16 GMT
Date: Tue, 17 Jul 2018 07:42:02 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   471
Md5:    c6d72d52d0f84e80bc73598e312d4d36
Sha1:   27551b28c14cbf2edaea7d6e156ce69a4e57c1ce
Sha256: 48f5ddfbcbf0ef2ebd8421768e29378a59ad43ccec5986e6b57a1ad75024078a
                                        
                                            GET / HTTP/1.1 
Host: www.apict.top
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jumintenhairstyles.blogspot.com/

                                         
                                         103.224.182.246
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 17 Jul 2018 07:42:02 GMT
Server: Apache
X-Powered-By: PHP/5.6.36-0+deb8u1
Set-Cookie: __tad=1531813322.6626859; expires=Fri, 14-Jul-2028 07:42:02 GMT; Max-Age=315360000
Location: http://ww1.apict.top/
Content-Length: 0
Connection: close


--- Additional Info ---

Alerts:
  IDS:
    - ET INFO HTTP Request to a *.top domain
                                        
                                            GET /embed/779869/240_180 HTTP/1.1 
Host: www.drtuber.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jumintenhairstyles.blogspot.com/

                                         
                                         78.140.187.214
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx/1.12.2
Date: Tue, 17 Jul 2018 07:42:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.31
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: lang=en; expires=Wed, 18-Jul-2018 07:42:03 GMT; Max-Age=86400; path=/; domain=.drtuber.com
Set-Cookie: no_push_notice=1; expires=Wed, 18-Jul-2018 07:42:03 GMT; Max-Age=86400; path=/; domain=.drtuber.com
Set-Cookie: search_filter_new=ch%3D178.1.2.3.4.7.8.5.9.10.169.11.12.13.14.15.16.17.18.28.20.21.22.27.23.24.25.26.30.31.32.181.35.36.37.180.176.38.33.34.39.40.41.42.177.44.43.45.47.48.46.49.50.51.52.53.54.55.56.57.58.179.59.60.61.62.63.64.65.66.69.68.71.67.70.72.73.74.75.182.183.77.76.78.79.80.81.82.84.85.88.86.87.91.90.92.93.94.188.189.190.191.%26hq%3D0%26sort%3Drv%26added%3D%26dur%3D%26rate%3D; expires=Tue, 17-Jul-2018 19:42:03 GMT; Max-Age=43200; path=/; domain=.drtuber.com
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2359
Md5:    8d8cb1e344a7135a61ab00c9c090d345
Sha1:   68be819564a352802e273865ccf258e5eba961c9
Sha256: e871a8221a658f585d7fd1ed652900d493c9a1cef63f916c66b684a37e80051e
                                        
                                            GET /embed/781241/240_180 HTTP/1.1 
Host: www.drtuber.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jumintenhairstyles.blogspot.com/

                                         
                                         78.140.187.214
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx/1.12.2
Date: Tue, 17 Jul 2018 07:42:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.31
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: lang=en; expires=Wed, 18-Jul-2018 07:42:03 GMT; Max-Age=86400; path=/; domain=.drtuber.com
Set-Cookie: no_push_notice=1; expires=Wed, 18-Jul-2018 07:42:03 GMT; Max-Age=86400; path=/; domain=.drtuber.com
Set-Cookie: search_filter_new=ch%3D178.1.2.3.4.7.8.5.9.10.169.11.12.13.14.15.16.17.18.28.20.21.22.27.23.24.25.26.30.31.32.181.35.36.37.180.176.38.33.34.39.40.41.42.177.44.43.45.47.48.46.49.50.51.52.53.54.55.56.57.58.179.59.60.61.62.63.64.65.66.69.68.71.67.70.72.73.74.75.182.183.77.76.78.79.80.81.82.84.85.88.86.87.91.90.92.93.94.188.189.190.191.%26hq%3D0%26sort%3Drv%26added%3D%26dur%3D%26rate%3D; expires=Tue, 17-Jul-2018 19:42:03 GMT; Max-Age=43200; path=/; domain=.drtuber.com
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2346
Md5:    44cafaa589c033d53be6b39d3d807b45
Sha1:   fdf85caecb14ec2de8b3d2995d8ca72b491a1bdc
Sha256: 239e2e80d30048a132f251c04e455cbf773d12081b2c227665eb6063a30965cf
                                        
                                            GET /embed/820907/240_180 HTTP/1.1 
Host: www.drtuber.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jumintenhairstyles.blogspot.com/

                                         
                                         78.140.187.214
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx/1.12.2
Date: Tue, 17 Jul 2018 07:42:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.31
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: lang=en; expires=Wed, 18-Jul-2018 07:42:03 GMT; Max-Age=86400; path=/; domain=.drtuber.com
Set-Cookie: no_push_notice=1; expires=Wed, 18-Jul-2018 07:42:03 GMT; Max-Age=86400; path=/; domain=.drtuber.com
Set-Cookie: search_filter_new=ch%3D178.1.2.3.4.7.8.5.9.10.169.11.12.13.14.15.16.17.18.28.20.21.22.27.23.24.25.26.30.31.32.181.35.36.37.180.176.38.33.34.39.40.41.42.177.44.43.45.47.48.46.49.50.51.52.53.54.55.56.57.58.179.59.60.61.62.63.64.65.66.69.68.71.67.70.72.73.74.75.182.183.77.76.78.79.80.81.82.84.85.88.86.87.91.90.92.93.94.188.189.190.191.%26hq%3D0%26sort%3Drv%26added%3D%26dur%3D%26rate%3D; expires=Tue, 17-Jul-2018 19:42:03 GMT; Max-Age=43200; path=/; domain=.drtuber.com
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2328
Md5:    924fd4f2290b95c2acffec4c44b06cb9
Sha1:   2904995a7c88b5ed97113877cfcec082a2f3f647
Sha256: c0f05882f8af33eeb118360f553f28c929538f1e688138d6e11a63160c029e83
                                        
                                            GET / HTTP/1.1 
Host: ww1.apict.top
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jumintenhairstyles.blogspot.com/

                                         
                                         72.52.4.90
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 17 Jul 2018 07:42:03 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Tue, 17 Jul 2018 07:42:03 GMT
X-Cache-Miss-From: parking-6c5f49b8f4-kxcqd
Server: NginX
Content-Encoding: gzip
Set-Cookie: NSC_tfep-83+63+5+01-91=ffffffff58cbef9845525d5f4f58455e445a4a423660;path=/;httponly


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   699
Md5:    ef2d0dbf1a9e7b3ef12c641f24f21cfe
Sha1:   2238c157aa4ae236fb8a70a2ad1be2397130eadb
Sha256: dae5cf9e1c48ee9c23eb9ce4949bd525854a6b38f1442bffdf3eecabdc1d3197
                                        
                                            GET /embed/781554/240_180 HTTP/1.1 
Host: www.drtuber.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jumintenhairstyles.blogspot.com/

                                         
                                         78.140.187.214
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx/1.12.2
Date: Tue, 17 Jul 2018 07:42:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.31
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: lang=en; expires=Wed, 18-Jul-2018 07:42:03 GMT; Max-Age=86400; path=/; domain=.drtuber.com
Set-Cookie: no_push_notice=1; expires=Wed, 18-Jul-2018 07:42:03 GMT; Max-Age=86400; path=/; domain=.drtuber.com
Set-Cookie: search_filter_new=ch%3D178.1.2.3.4.7.8.5.9.10.169.11.12.13.14.15.16.17.18.28.20.21.22.27.23.24.25.26.30.31.32.181.35.36.37.180.176.38.33.34.39.40.41.42.177.44.43.45.47.48.46.49.50.51.52.53.54.55.56.57.58.179.59.60.61.62.63.64.65.66.69.68.71.67.70.72.73.74.75.182.183.77.76.78.79.80.81.82.84.85.88.86.87.91.90.92.93.94.188.189.190.191.%26hq%3D0%26sort%3Drv%26added%3D%26dur%3D%26rate%3D; expires=Tue, 17-Jul-2018 19:42:03 GMT; Max-Age=43200; path=/; domain=.drtuber.com
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2336
Md5:    98776b85e937cf8555f84febb1503ec8
Sha1:   e632a9ac4ab1819b3bd709350919df3a3b369145
Sha256: 2a41d3f3e0ac72d6811292d1b2b3692eaffa2376d95a8b6025fe9398862b2e8c
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.16
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Sat, 14 Jul 2018 03:57:49 GMT
Etag: A81C90E183506D4B7365324AC0B5DBF4ED4D7995
X-OCSP-Responder-ID: rmdccaocsp23
Content-Length: 471
Cache-Control: public, no-transform, must-revalidate, max-age=331538
Expires: Sat, 21 Jul 2018 03:47:41 GMT
Date: Tue, 17 Jul 2018 07:42:03 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   471
Md5:    cb778bf09a49e1acdcf7de3556554d52
Sha1:   a81c90e183506d4b7365324ac0b5dbf4ed4d7995
Sha256: c6ca9be683f4f61027c6a2de879504e38fb3f1d3f3a2b5983b7fd51ed4df84d1
                                        
                                            GET /frmpark/ww1.apict.top/sedopark/park.js HTTP/1.1 
Host: sedoparking.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://ww1.apict.top/

                                         
                                         72.52.4.90
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 17 Jul 2018 07:42:03 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Cache-Miss-From: parking-6c5f49b8f4-r9274
Server: NginX
Content-Encoding: gzip
Set-Cookie: NSC_tfep-83+63+5+01-91=ffffffff58cbef9845525d5f4f58455e445a4a423660;path=/;httponly


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   631
Md5:    d20b76b80285586466535a32b2f6a5ca
Sha1:   664f82f01b6ab2ca16740c79f6d794040b255348
Sha256: 9b6c9b6f68c0a11de55979d199657dd9baece09f425b8e8a5b7558e80975a67c
                                        
                                            GET /templates/base_master/js/swfobject.js?v=21.97 HTTP/1.1 
Host: static.drtuber.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.drtuber.com/embed/779869/240_180
Cookie: lang=en; no_push_notice=1; search_filter_new=ch%3D178.1.2.3.4.7.8.5.9.10.169.11.12.13.14.15.16.17.18.28.20.21.22.27.23.24.25.26.30.31.32.181.35.36.37.180.176.38.33.34.39.40.41.42.177.44.43.45.47.48.46.49.50.51.52.53.54.55.56.57.58.179.59.60.61.62.63.64.65.66.69.68.71.67.70.72.73.74.75.182.183.77.76.78.79.80.81.82.84.85.88.86.87.91.90.92.93.94.188.189.190.191.%26hq%3D0%26sort%3Drv%26added%3D%26dur%3D%26rate%3D

                                         
                                         78.140.166.16
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.10.3
Date: Tue, 17 Jul 2018 07:42:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Thu, 06 Nov 2014 11:37:37 GMT
Etag: W/"545b5d81-1ae0"
Expires: Fri, 19 Oct 2018 15:52:27 GMT
Cache-Control: max-age=8154779
X-Ureq-ID: PYMqMNZBGw32sc2V98lMDGMm5QPggNUVoUH7r/l4U7pbBRCbjXSJ9Ioz10WdYQKyNLIP0Itx6VCfGpVwdTHU3svMiEoRvY2bxA==
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2481
Md5:    4fa1c609d3c5b568a40f0cce9ebf6563
Sha1:   5bbcb1dd35e84db379f5ce2ada00dd255072ca52
Sha256: ae5dba59bac5dbe46f5cf41b95a90c84ebd593f38e01e14091e73eafd55b86d3
                                        
                                            GET /templates/base_master/js/html5_video/ui-assets.js?v=21.97 HTTP/1.1 
Host: static.drtuber.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.drtuber.com/embed/779869/240_180
Cookie: lang=en; no_push_notice=1; search_filter_new=ch%3D178.1.2.3.4.7.8.5.9.10.169.11.12.13.14.15.16.17.18.28.20.21.22.27.23.24.25.26.30.31.32.181.35.36.37.180.176.38.33.34.39.40.41.42.177.44.43.45.47.48.46.49.50.51.52.53.54.55.56.57.58.179.59.60.61.62.63.64.65.66.69.68.71.67.70.72.73.74.75.182.183.77.76.78.79.80.81.82.84.85.88.86.87.91.90.92.93.94.188.189.190.191.%26hq%3D0%26sort%3Drv%26added%3D%26dur%3D%26rate%3D

                                         
                                         78.140.166.16
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.10.3
Date: Tue, 17 Jul 2018 07:42:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Mon, 24 Oct 2016 16:11:41 GMT
Etag: W/"580e32bd-a9e2"
Expires: Fri, 19 Oct 2018 15:52:27 GMT
Cache-Control: max-age=8154779
X-Ureq-ID: PYMqMNZBGw32sc2V98lMDGMm5QPggNUVoUH7r/l4U7pbBRCbjXSJ9Ioz10WdYQKyNLIP0Itx6VCfGpVwdTHU3svMiEoRvY2bxA==
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   15070
Md5:    056ef0a1440336d618f559edc31e4d51
Sha1:   9ae2e3610c160d89623660efdee1e37e59055f21
Sha256: 8c78f01d2ba764dd4c1549020ccaef166e6a7c3f04e5ead2ac04ac54288a60a4
                                        
                                            GET /apps/domainpark/show_afd_ads.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://ww1.apict.top/

                                         
                                         216.58.211.130
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 1479
Date: Tue, 17 Jul 2018 07:42:03 GMT
Expires: Tue, 17 Jul 2018 07:42:03 GMT
Cache-Control: private, max-age=3600
Etag: "11593360441790565904"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: sffe
X-XSS-Protection: 1; mode=block


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   1479
Md5:    9b3dc6e8d9f43943c777990fc92c09ef
Sha1:   de80f9095f8526431d9f6052425e324b86d94f5f
Sha256: 29d4b2df150903aa4fff62285a8932b81086a82f66d6e234be683963bb24fe93
                                        
                                            GET /templates/base_master/libs/jquery/jquery-1.10.0.min.js?v=21.97 HTTP/1.1 
Host: static.drtuber.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.drtuber.com/embed/779869/240_180
Cookie: lang=en; no_push_notice=1; search_filter_new=ch%3D178.1.2.3.4.7.8.5.9.10.169.11.12.13.14.15.16.17.18.28.20.21.22.27.23.24.25.26.30.31.32.181.35.36.37.180.176.38.33.34.39.40.41.42.177.44.43.45.47.48.46.49.50.51.52.53.54.55.56.57.58.179.59.60.61.62.63.64.65.66.69.68.71.67.70.72.73.74.75.182.183.77.76.78.79.80.81.82.84.85.88.86.87.91.90.92.93.94.188.189.190.191.%26hq%3D0%26sort%3Drv%26added%3D%26dur%3D%26rate%3D

                                         
                                         78.140.166.16
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.10.3
Date: Tue, 17 Jul 2018 07:42:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Wed, 27 Aug 2014 14:24:56 GMT
Etag: W/"53fdea38-16b5a"
Expires: Fri, 19 Oct 2018 15:52:27 GMT
Cache-Control: max-age=8154779
X-Ureq-ID: PYMqMNZBGw32sc2V98lMDGMm5QPggNUVoUH7r/l4U7pbBRCbjXSJ9Ioz10WdYQKyNLIP0Itx6VCfGplzbGTR3eG3v9Ra8Jrw9Ng=
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   38101
Md5:    8b39c49d26aebffb5a023be64d07073c
Sha1:   c83f46bdf04c907b1cb4c7efdd37030014749fd6
Sha256: f42ab01c810ffe56c5b668f90bb0955e4ec3299f9d584e207c7279caa5b31b3c
                                        
                                            GET /templates/base_master/js/html5_video/player_v2.js?v=21.97 HTTP/1.1 
Host: static.drtuber.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.drtuber.com/embed/779869/240_180
Cookie: lang=en; no_push_notice=1; search_filter_new=ch%3D178.1.2.3.4.7.8.5.9.10.169.11.12.13.14.15.16.17.18.28.20.21.22.27.23.24.25.26.30.31.32.181.35.36.37.180.176.38.33.34.39.40.41.42.177.44.43.45.47.48.46.49.50.51.52.53.54.55.56.57.58.179.59.60.61.62.63.64.65.66.69.68.71.67.70.72.73.74.75.182.183.77.76.78.79.80.81.82.84.85.88.86.87.91.90.92.93.94.188.189.190.191.%26hq%3D0%26sort%3Drv%26added%3D%26dur%3D%26rate%3D

                                         
                                         78.140.166.16
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.10.3
Date: Tue, 17 Jul 2018 07:42:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Wed, 04 Jul 2018 09:22:23 GMT
Etag: W/"5b3c91cf-115e1"
X-Ureq-ID: PYMqMNZBGw32sc2V98lMDGMm5QPggNUVoUH7r/l4U7pbBRCbjXSJ9Ioz10WdYQKyNLIP0Itx6VCfGpVwdTHU3svMiEoRvdSM7F5UC+pXF6dvmFTU
Expires: Fri, 14 Dec 2018 17:08:16 GMT
Cache-Control: max-age=12993973
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   17860
Md5:    760f413d729f6c8c91a6687c07957984
Sha1:   03ba9a1b888c520e73875aaf5b49cdb67d64bcf1
Sha256: 91abd58bde9efee76dad6ff60f34033b78373acfa274dd42d76bf69efeea66c4
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 17 Jul 2018 07:42:04 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    f7677b07a5d8870bc8ee1f693b85c9c1
Sha1:   26b6ecde0d82129dacb2fbf42129fd1d9615bc0f
Sha256: 5a115f0099230c20fca03965138ddb976822209a2f0178988b222df3d55c68b6
                                        
                                            GET /templates/drtuber/css/embed.css?v=21.97 HTTP/1.1 
Host: p2.drtst.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.drtuber.com/embed/779869/240_180

                                         
                                         78.140.178.139
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.10.3
Date: Tue, 17 Jul 2018 07:42:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Mon, 05 Dec 2016 14:53:36 GMT
Etag: W/"58457f70-3b1"
X-Ureq-ID: PYMqMNZBGw32sc2V98lMDGMm5QPggNUVoUH7r/l4U7pbBRCbgHeJ9L3DgZkevhWR/xF7xiOYo1pksR/TPc8mI5LNvl2Jqp05ty4gLXTJg7QKAjPA
Expires: Sat, 24 Nov 2018 18:16:39 GMT
Cache-Control: max-age=11270075
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   359
Md5:    03d23d2bec9ebd75bbad83a54e480d2f
Sha1:   19d8ca01bfc6c68f9fa56fde61e992a1fb61b072
Sha256: f89db89dbbb72952db1c577f5e3ad6647bb658947b3419b7d9b7fbf00013f2ee
                                        
                                            GET /templates/drtuber/js/jquery.adx.embed.js?v=21.97 HTTP/1.1 
Host: p6.drtst.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.drtuber.com/embed/781554/240_180

                                         
                                         78.140.166.16
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.10.3
Date: Tue, 17 Jul 2018 07:42:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Fri, 01 Jul 2016 13:48:25 GMT
Etag: W/"577674a9-30db"
Expires: Fri, 19 Oct 2018 16:14:15 GMT
Cache-Control: max-age=8154778
X-Ureq-ID: PYMqMNZBGw32sc2V98lMDGMm5QPggNUVoUH7r/l4U7pbBRCbjXSJ9Ioz10WdYQKyNLIP0Itx6VCfGplzbGTR3eG3v9Ra8Jrw9Ng=
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4497
Md5:    b87e58594206e40e9a7984d7a813a865
Sha1:   089d61f0e460922e5ce512eba090029c8dbd6c32
Sha256: 8d8723fe610a24f65c1fae4ebfd2a94200c29792886e1a6f715da47ffb70e066
                                        
                                            GET /templates/base_master/js/html5_video/switch.js?v=21.97 HTTP/1.1 
Host: static.drtuber.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.drtuber.com/embed/779869/240_180
Cookie: lang=en; no_push_notice=1; search_filter_new=ch%3D178.1.2.3.4.7.8.5.9.10.169.11.12.13.14.15.16.17.18.28.20.21.22.27.23.24.25.26.30.31.32.181.35.36.37.180.176.38.33.34.39.40.41.42.177.44.43.45.47.48.46.49.50.51.52.53.54.55.56.57.58.179.59.60.61.62.63.64.65.66.69.68.71.67.70.72.73.74.75.182.183.77.76.78.79.80.81.82.84.85.88.86.87.91.90.92.93.94.188.189.190.191.%26hq%3D0%26sort%3Drv%26added%3D%26dur%3D%26rate%3D

                                         
                                         78.140.166.16
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.10.3
Date: Tue, 17 Jul 2018 07:42:04 GMT
Content-Length: 495
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Wed, 04 Oct 2017 16:35:42 GMT
Etag: "59d50dde-1ef"
Expires: Fri, 19 Oct 2018 16:15:15 GMT
Cache-Control: max-age=8154778
X-Ureq-ID: PYMqMNZBGw32sc2V98lMDGMm5QPggNUVoUH7r/l4U7pbBRCbjXSJ9Ioz10WdYQKyNLIP0Itx6VCfGplzbGTR3eG3v9Ra8Jrw9Ng=
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   495
Md5:    73704ca08d56484366ce8aeb92de9a61
Sha1:   5c4880a2159b6c3afb222ec8cb8507724de19dcc
Sha256: f3033b242fb79a5361b2438930aad894f9e371b8e097bd91ce4e408c5f0097bd
                                        
                                            GET /templates/base_master/js/jquery.cookie.js?v=21.97 HTTP/1.1 
Host: static.drtuber.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.drtuber.com/embed/779869/240_180
Cookie: lang=en; no_push_notice=1; search_filter_new=ch%3D178.1.2.3.4.7.8.5.9.10.169.11.12.13.14.15.16.17.18.28.20.21.22.27.23.24.25.26.30.31.32.181.35.36.37.180.176.38.33.34.39.40.41.42.177.44.43.45.47.48.46.49.50.51.52.53.54.55.56.57.58.179.59.60.61.62.63.64.65.66.69.68.71.67.70.72.73.74.75.182.183.77.76.78.79.80.81.82.84.85.88.86.87.91.90.92.93.94.188.189.190.191.%26hq%3D0%26sort%3Drv%26added%3D%26dur%3D%26rate%3D

                                         
                                         78.140.166.16
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.10.3
Date: Tue, 17 Jul 2018 07:42:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Thu, 06 Nov 2014 11:37:37 GMT
Etag: W/"545b5d81-5ff"
X-Ureq-ID: PYMqMNZBGw32sc2V98lMDGMm5QPggNUVoUH7r/l4U7pbBRCbjXSJ9Ioz10WdYQKyNLIP0Itx6VCfGpxyZGTR3eqMPN9B2gQ+pX9WwxPZo9HzULqSoQ==
Expires: Wed, 14 Nov 2018 14:33:14 GMT
Cache-Control: max-age=10392670
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   721
Md5:    0a22e00f8de0f58e90d2d8ea21998593
Sha1:   5bd1b8a7757a0b25e230fbc918c9dd5cad50b241
Sha256: 32791a3254f53b00bfc24322d5ded4e8dc22426daa16afce99b74c8a7f0dd6a9
                                        
                                            GET /templates/drtuber/js/jquery.adx.embed.js?v=21.97 HTTP/1.1 
Host: p2.drtst.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.drtuber.com/embed/779869/240_180

                                         
                                         78.140.178.139
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.10.3
Date: Tue, 17 Jul 2018 07:42:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Fri, 01 Jul 2016 13:48:25 GMT
Etag: W/"577674a9-30db"
X-Ureq-ID: PYMqMNZBGw32sc2V98lMDGMm5QPggNUVoUH7r/l4U7pbBRCbgHeJ9L3DgZkevhWR/xF7xiOYo1pksRPQJJojIIxlPBJ4TIV8RKxXnHKPlRhxE9NM0w==
Expires: Sat, 24 Nov 2018 18:25:02 GMT
Cache-Control: max-age=11270578
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4497
Md5:    b87e58594206e40e9a7984d7a813a865
Sha1:   089d61f0e460922e5ce512eba090029c8dbd6c32
Sha256: 8d8723fe610a24f65c1fae4ebfd2a94200c29792886e1a6f715da47ffb70e066
                                        
                                            GET /dp/ads?output=afd_ads&client=dp-sedo89_3ph&domain_name=ww1.apict.top&afdt=create&swp=as-drid-2529860006851696&dt=1531813323515&u_tz=120&u_his=1&u_h=885&u_w=1176&frm=2&ref=http%3A%2F%2Fjumintenhairstyles.blogspot.com%2F HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://ww1.apict.top/
Origin: http://ww1.apict.top

                                         
                                         216.58.211.4
HTTP/1.1 200 OK
Content-Type: application/json; charset=ISO-8859-1
                                        
Content-Disposition: inline
Date: Tue, 17 Jul 2018 07:42:04 GMT
Expires: Tue, 17 Jul 2018 07:42:04 GMT
Cache-Control: private, max-age=3600
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Server: gws
X-XSS-Protection: 1; mode=block
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   136
Md5:    6c5f546169f6d66f8a3456e2bbdfbc10
Sha1:   1fe88ce4ae5e07225b193364ad45df3e1288140b
Sha256: f5628818880380c0b57db0b3bd404b9fc92a54a5cf3794a6fce877a23dad0b51
                                        
                                            GET /templates/drtuber/css/embed.css?v=21.97 HTTP/1.1 
Host: p6.drtst.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.drtuber.com/embed/781554/240_180

                                         
                                         78.140.166.16
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.10.3
Date: Tue, 17 Jul 2018 07:42:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Mon, 05 Dec 2016 14:53:36 GMT
Etag: W/"58457f70-3b1"
Expires: Fri, 19 Oct 2018 15:56:20 GMT
Cache-Control: max-age=8154778
X-Ureq-ID: PYMqMNZBGw32sc2V98lMDGMm5QPggNUVoUH7r/l4U7pbBRCbjXSJ9Ioz10WdYQKyNLIP0Itx6VCfGpVwdTHU3svMiEoRvY2bxA==
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   359
Md5:    03d23d2bec9ebd75bbad83a54e480d2f
Sha1:   19d8ca01bfc6c68f9fa56fde61e992a1fb61b072
Sha256: f89db89dbbb72952db1c577f5e3ad6647bb658947b3419b7d9b7fbf00013f2ee
                                        
                                            GET /templates/drtuber/html5_video/theme.css?v=21.97 HTTP/1.1 
Host: p6.drtst.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.drtuber.com/embed/781554/240_180

                                         
                                         78.140.166.16
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.10.3
Date: Tue, 17 Jul 2018 07:42:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Tue, 31 Oct 2017 11:03:41 GMT
Etag: W/"59f8588d-177c"
Expires: Fri, 19 Oct 2018 15:55:13 GMT
Cache-Control: max-age=8154778
X-Ureq-ID: PYMqMNZBGw32sc2V98lMDGMm5QPggNUVoUH7r/l4U7pbBRCbjXSJ9Ioz10WdYQKyNLIP0Itx6VCfGplzbGTR3eG3v9Ra8Jrw9Ng=
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1297
Md5:    28188f3712c66dee03c72e97e26096e0
Sha1:   0c815d0b32ab934a4bda4841a0495535edd0dad6
Sha256: c0e4e7e5f3d7f9feb78eb688dd79e6a31088cf7b574229a1a57bde3253638ed4
                                        
                                            GET /templates/base_master/js/jquery.ui.touch-punch.min.js?v=21.97 HTTP/1.1 
Host: static.drtuber.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.drtuber.com/embed/779869/240_180
Cookie: lang=en; no_push_notice=1; search_filter_new=ch%3D178.1.2.3.4.7.8.5.9.10.169.11.12.13.14.15.16.17.18.28.20.21.22.27.23.24.25.26.30.31.32.181.35.36.37.180.176.38.33.34.39.40.41.42.177.44.43.45.47.48.46.49.50.51.52.53.54.55.56.57.58.179.59.60.61.62.63.64.65.66.69.68.71.67.70.72.73.74.75.182.183.77.76.78.79.80.81.82.84.85.88.86.87.91.90.92.93.94.188.189.190.191.%26hq%3D0%26sort%3Drv%26added%3D%26dur%3D%26rate%3D

                                         
                                         78.140.166.16
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.10.3
Date: Tue, 17 Jul 2018 07:42:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Fri, 13 Oct 2017 12:57:18 GMT
Etag: W/"59e0b82e-50b"
Expires: Fri, 19 Oct 2018 15:52:28 GMT
Cache-Control: max-age=8154778
X-Ureq-ID: PYMqMNZBGw32sc2V98lMDGMm5QPggNUVoUH7r/l4U7pbBRCbjXSJ9Ioz10WdYQKyNLIP0Itx6VCfGplzbGTR3eG3v9Ra8Jrw9Ng=
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   607
Md5:    d2cc48b85ed36c9d3a03501841b8a95f
Sha1:   05e4418170e01112c33d6c71e8be98aa1858427b
Sha256: b9dd2aeb03594d3a485991bdc9c917cfce097f1615ee8b2b4cbff6df153b7d08
                                        
                                            GET /templates/drtuber/html5_video/theme.css?v=21.97 HTTP/1.1 
Host: p2.drtst.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.drtuber.com/embed/779869/240_180

                                         
                                         78.140.178.139
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.10.3
Date: Tue, 17 Jul 2018 07:42:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Tue, 31 Oct 2017 11:03:41 GMT
Etag: W/"59f8588d-177c"
X-Ureq-ID: PYMqMNZBGw32sc2V98lMDGMm5QPggNUVoUH7r/l4U7pbBRCbgHeJ9L3DgZkevhWR/xF7xiOYo1pksRPQJJojIIxlPBJ4TIV8RKxXnHKPlRhxE9NM0w==
Expires: Sat, 24 Nov 2018 17:58:22 GMT
Cache-Control: max-age=11268978
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1297
Md5:    28188f3712c66dee03c72e97e26096e0
Sha1:   0c815d0b32ab934a4bda4841a0495535edd0dad6
Sha256: c0e4e7e5f3d7f9feb78eb688dd79e6a31088cf7b574229a1a57bde3253638ed4
                                        
                                            GET /templates/base_master/js/html5_video/styles.css?v=21.97 HTTP/1.1 
Host: static.drtuber.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.drtuber.com/embed/779869/240_180
Cookie: lang=en; no_push_notice=1; search_filter_new=ch%3D178.1.2.3.4.7.8.5.9.10.169.11.12.13.14.15.16.17.18.28.20.21.22.27.23.24.25.26.30.31.32.181.35.36.37.180.176.38.33.34.39.40.41.42.177.44.43.45.47.48.46.49.50.51.52.53.54.55.56.57.58.179.59.60.61.62.63.64.65.66.69.68.71.67.70.72.73.74.75.182.183.77.76.78.79.80.81.82.84.85.88.86.87.91.90.92.93.94.188.189.190.191.%26hq%3D0%26sort%3Drv%26added%3D%26dur%3D%26rate%3D

                                         
                                         78.140.166.16
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.10.3
Date: Tue, 17 Jul 2018 07:42:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Fri, 29 Jun 2018 12:16:27 GMT
Etag: W/"5b36231b-8f96"
X-Ureq-ID: PYMqMNZBGw32sc2V98lMDGMm5QPggNUVoUH7r/l4U7pbBRCbjXSJ9Ioz10WdYQKyNLIP0Itx6VCfGpxyZGTR3eqMPN9B2gQ+pX9WwxPZo9HzULqTqQ==
Expires: Sun, 09 Dec 2018 20:02:22 GMT
Cache-Control: max-age=12572418
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   7029
Md5:    29185f49abe6242f0c5c0a96e888fe35
Sha1:   e50321017153cb02410fa83fc07f731f2b482e96
Sha256: a46cb9d5f7604315d505e8bf5569e467c443109208f144a198850ffeeccb0a5a
                                        
                                            GET / HTTP/1.1 
Host: www.apict.top
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jumintenhairstyles.blogspot.com/

                                         
                                         103.224.182.246
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 17 Jul 2018 07:42:03 GMT
Server: Apache
X-Powered-By: PHP/5.6.36-0+deb8u1
Set-Cookie: __tad=1531813323.4704325; expires=Fri, 14-Jul-2028 07:42:03 GMT; Max-Age=315360000
Location: http://ww1.apict.top/
Content-Length: 0
Connection: close


--- Additional Info ---

Alerts:
  IDS:
    - ET INFO HTTP Request to a *.top domain
                                        
                                            GET / HTTP/1.1 
Host: ww1.apict.top
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jumintenhairstyles.blogspot.com/
Cookie: NSC_tfep-83+63+5+01-91=ffffffff58cbef9845525d5f4f58455e445a4a423660

                                         
                                         72.52.4.90
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 17 Jul 2018 07:42:04 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Tue, 17 Jul 2018 07:42:04 GMT
X-Cache-Miss-From: parking-6c5f49b8f4-cpwfv
Server: NginX
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   699
Md5:    ef2d0dbf1a9e7b3ef12c641f24f21cfe
Sha1:   2238c157aa4ae236fb8a70a2ad1be2397130eadb
Sha256: dae5cf9e1c48ee9c23eb9ce4949bd525854a6b38f1442bffdf3eecabdc1d3197
                                        
                                            GET /templates/drtuber/js/jquery.adx.embed.js?v=21.97 HTTP/1.1 
Host: p5.drtst.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.drtuber.com/embed/820907/240_180

                                         
                                         188.72.220.164
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.10.3
Date: Tue, 17 Jul 2018 07:42:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Fri, 01 Jul 2016 13:48:25 GMT
Etag: W/"577674a9-30db"
X-Ureq-ID: PYMqMNZBGw32sc2V98lMDGMm5QPggNUVoUH7r/l4U7pbBRCbhXKes1RsqfxrQ7/0Z+9rLFA1+u4q5tP8Hn4mQ9D860V508nANE2ZuRXJ5iqLfE/BWwQJ
Expires: Sat, 22 Dec 2018 14:59:06 GMT
Cache-Control: max-age=13677422
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4497
Md5:    b87e58594206e40e9a7984d7a813a865
Sha1:   089d61f0e460922e5ce512eba090029c8dbd6c32
Sha256: 8d8723fe610a24f65c1fae4ebfd2a94200c29792886e1a6f715da47ffb70e066
                                        
                                            GET /templates/drtuber/css/embed.css?v=21.97 HTTP/1.1 
Host: p5.drtst.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.drtuber.com/embed/820907/240_180

                                         
                                         188.72.220.164
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.10.3
Date: Tue, 17 Jul 2018 07:42:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Mon, 05 Dec 2016 14:53:36 GMT
Etag: W/"58457f70-3b1"
Expires: Sun, 16 Dec 2018 23:29:23 GMT
Cache-Control: max-age=13189639
X-Ureq-ID: PYMqMNZBGw32sc2V98lMDGMm5QPggNUVoUH7r/l4U7pbBRCbhXKes1RsqfxrQ7/0Z+9rLFA1+u4q5tP8En0/FmfEdjKkdj7BLwM4
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   359
Md5:    03d23d2bec9ebd75bbad83a54e480d2f
Sha1:   19d8ca01bfc6c68f9fa56fde61e992a1fb61b072
Sha256: f89db89dbbb72952db1c577f5e3ad6647bb658947b3419b7d9b7fbf00013f2ee
                                        
                                            GET /frmpark/ww1.apict.top/sedopark/park.js HTTP/1.1 
Host: sedoparking.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://ww1.apict.top/
Cookie: NSC_tfep-83+63+5+01-91=ffffffff58cbef9845525d5f4f58455e445a4a423660

                                         
                                         72.52.4.90
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 17 Jul 2018 07:42:04 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Cache-Miss-From: parking-6c5f49b8f4-5wpqk
Server: NginX
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   631
Md5:    d20b76b80285586466535a32b2f6a5ca
Sha1:   664f82f01b6ab2ca16740c79f6d794040b255348
Sha256: 9b6c9b6f68c0a11de55979d199657dd9baece09f425b8e8a5b7558e80975a67c
                                        
                                            GET /media/videos/tmb/781554/player/14.jpg HTTP/1.1 
Host: p6.drtst.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.drtuber.com/embed/781554/240_180

                                         
                                         78.140.166.16
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.10.3
Date: Tue, 17 Jul 2018 07:42:04 GMT
Content-Length: 39507
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Tue, 16 Apr 2013 22:26:04 GMT
Etag: "516dcffc-9a53"
X-Ureq-ID: PYMqMNZBGw32sc2V98lMDGMm5QPggNUVoUH7r/l4U7pbBRCbjXSJ9Ioz10WdYQKyNLIP0Itx6VCfGpxyZGTR3eqMPN9B2gQ+pX9WwxPZo9HzULqTqQ==
Expires: Wed, 24 Oct 2018 18:43:16 GMT
Cache-Control: max-age=8593272
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "Lavc52.123.0\377"
Size:   39507
Md5:    2c7065e7ade51dc5e818865d94dbcf38
Sha1:   58582d3535143b114478e067baf4441ff12a583e
Sha256: 0d5e0c008e3745c32e272f37dc281ec049d16897d42a6b4ef929a653878f1317
                                        
                                            GET /templates/drtuber/html5_video/theme.css?v=21.97 HTTP/1.1 
Host: p5.drtst.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.drtuber.com/embed/820907/240_180

                                         
                                         188.72.220.164
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.10.3
Date: Tue, 17 Jul 2018 07:42:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Tue, 31 Oct 2017 11:03:41 GMT
Etag: W/"59f8588d-177c"
X-Ureq-ID: PYMqMNZBGw32sc2V98lMDGMm5QPggNUVoUH7r/l4U7pbBRCbhXKes1RsqfxrQ7/0Z+9rLFA1+u4q5tP8Hn4mQ9D860V508nANE2ZuRXJ5iqLfE/BWwUB
Expires: Wed, 05 Sep 2018 22:17:44 GMT
Cache-Control: max-age=4372540
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1297
Md5:    28188f3712c66dee03c72e97e26096e0
Sha1:   0c815d0b32ab934a4bda4841a0495535edd0dad6
Sha256: c0e4e7e5f3d7f9feb78eb688dd79e6a31088cf7b574229a1a57bde3253638ed4
                                        
                                            GET /media/videos/tmb/781241/player/7.jpg HTTP/1.1 
Host: p2.drtst.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.drtuber.com/embed/781241/240_180

                                         
                                         78.140.178.139
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.10.3
Date: Tue, 17 Jul 2018 07:42:04 GMT
Content-Length: 38185
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Tue, 16 Apr 2013 20:17:52 GMT
Etag: "516db1f0-9529"
X-Ureq-ID: PYMqMNZBGw32sc2V98lMDGMm5QPggNUVoUH7r/l4U7pbBRCbgHeJ9L3DgZkevhWR/xF7xiOYo1pksR/TPc8mI5LNvl2Jqp05ty4gLXTJg7QKAjPA
Expires: Sat, 03 Nov 2018 16:43:54 GMT
Cache-Control: max-age=9450110
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "Lavc52.123.0\377"
Size:   38185
Md5:    3a7eb806e88a77abb26219e95c53c2a5
Sha1:   23c9dae4c6966d2848b3a8c4e6c5fdfb1bf4b561
Sha256: f37e47364c559ff52a811dd2ff2ced1133372e4d11c6afcc589f8f4c8708d76a
                                        
                                            GET /media/videos/tmb/779869/player/19.jpg HTTP/1.1 
Host: p2.drtst.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.drtuber.com/embed/779869/240_180

                                         
                                         78.140.178.139
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.10.3
Date: Tue, 17 Jul 2018 07:42:04 GMT
Content-Length: 21411
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Mon, 15 Apr 2013 23:10:15 GMT
Etag: "516c88d7-53a3"
Expires: Wed, 19 Dec 2018 22:50:09 GMT
Cache-Control: max-age=13446485
X-Ureq-ID: PYMqMNZBGw32sc2V98lMDGMm5QPggNUVoUH7r/l4U7pbBRCbgHeJ9L3DgZkevhWR/xF7xiOYo1pksRPQJJojIIxlPBJ4TIUlhJw=
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "Lavc52.123.0\377"
Size:   21411
Md5:    dba9162c7cbf742c5b3b8d552d499cde
Sha1:   62f8a0999d57e04b549bf5f6b47b0f77a04335a9
Sha256: e85aa3b9b31d4ae623b74eed2f794edaabee2fc4dee831dfce3ac6f5adc16baa
                                        
                                            GET /dp/ads?output=afd_ads&client=dp-sedo89_3ph&domain_name=ww1.apict.top&afdt=create&swp=as-drid-2529860006851696&dt=1531813324645&u_tz=120&u_his=1&u_h=885&u_w=1176&frm=2&ref=http%3A%2F%2Fjumintenhairstyles.blogspot.com%2F HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://ww1.apict.top/
Origin: http://ww1.apict.top

                                         
                                         216.58.211.4
HTTP/1.1 200 OK
Content-Type: application/json; charset=ISO-8859-1
                                        
Content-Disposition: inline
Date: Tue, 17 Jul 2018 07:42:04 GMT
Expires: Tue, 17 Jul 2018 07:42:04 GMT
Cache-Control: private, max-age=3600
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Server: gws
X-XSS-Protection: 1; mode=block
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   136
Md5:    6281ca7fb80e0e4ee967861993127905
Sha1:   d6d0b677a620b33f778a73ce718a7012e0d497af
Sha256: e7d7e956dcb5ac9942471a6ea4a59b913756785dc5e6a2228a849fa4a95cb4cc
                                        
                                            GET /search/registrar.php?domain=ww1.apict.top&rpv=2&registrar=sedopark&gst=&ref=http://jumintenhairstyles.blogspot.com/ HTTP/1.1 
Host: sedoparking.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://ww1.apict.top/
Cookie: NSC_tfep-83+63+5+01-91=ffffffff58cbef9845525d5f4f58455e445a4a423660

                                         
                                         72.52.4.90
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 17 Jul 2018 07:42:04 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_TLudyQxQUaRg3q0ZPW15drXZq44XHNzJd6lY7KryhTSmvG7/hZOic8e1cHLRyYYy5aukRJpdnbZT3jYhhnuNjg==
Set-Cookie: tu=0511d36b1c80d6daeae4cc5325190cfe; expires=Tue, 31-Dec-2019 23:00:00 GMT; Max-Age=46019876; path=/; domain=apict.top; httponly
Last-Modified: Tue, 17 Jul 2018 07:42:04 GMT
X-Cache-Miss-From: parking-6c5f49b8f4-dk8wq
Server: NginX
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   8305
Md5:    2dac7a6bcf8f186af996ea7a991257ba
Sha1:   1227e80953e45e6d9793bb61846ab2fbd94e804f
Sha256: b07f134d79a28760f91326596e4df2e8fb52a840ef698adf579814557617a329
                                        
                                            GET /ajax/libs/jquery/1.4.2/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sedoparking.com/search/registrar.php?domain=ww1.apict.top&rpv=2&registrar=sedopark&gst=&ref=http://jumintenhairstyles.blogspot.com/

                                         
                                         172.217.21.170
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 24715
Date: Sat, 14 Jul 2018 04:31:36 GMT
Expires: Sun, 14 Jul 2019 04:31:36 GMT
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 270628


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   24715
Md5:    a345240e5331b52d632b87045a4b27f5
Sha1:   6ccffb3c524b65fe00a3cf40f09862583737be99
Sha256: 336744214634ef8a1412b44de060754c1280890bca5880724e38660b93e72911
                                        
                                            GET /media/videos/tmb/820907/player/16.jpg HTTP/1.1 
Host: p5.drtst.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.drtuber.com/embed/820907/240_180

                                         
                                         188.72.220.164
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.10.3
Date: Tue, 17 Jul 2018 07:42:04 GMT
Content-Length: 27172
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Sun, 05 May 2013 20:09:59 GMT
Etag: "5186bc97-6a24"
X-Ureq-ID: PYMqMNZBGw32sc2V98lMDGMm5QPggNUVoUH7r/l4U7pbBRCbhXKes1RsqfxrQ7/0Z+9rLFA1+u4q5tP8Hn4mQ9D860V508nANE2ZuRXJ5iqLfE/BWwUB
Expires: Tue, 25 Dec 2018 15:36:16 GMT
Cache-Control: max-age=13938852
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "Lavc52.123.0\377"
Size:   27172
Md5:    163e5218abe3003db2aefdfc21700dca
Sha1:   53e87015c47771f61f74c6dc210e6e8cfece945c
Sha256: 19a15ef6c274c99bb88e0aaed5347f017f6ce8ae35bd88ab9608a9ab37bfc648
                                        
                                            GET /ga.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sedoparking.com/search/registrar.php?domain=ww1.apict.top&rpv=2&registrar=sedopark&gst=&ref=http://jumintenhairstyles.blogspot.com/

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Timing-Allow-Origin: *
Date: Tue, 17 Jul 2018 06:46:33 GMT
Expires: Tue, 17 Jul 2018 08:46:33 GMT
Last-Modified: Fri, 18 May 2018 01:10:24 GMT
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Server: Golfe2
Content-Length: 17168
Cache-Control: public, max-age=7200
Age: 3332


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   17168
Md5:    01d5892e6e243b52998310c2925b9f3a
Sha1:   58180151b6a6ee4af73583a214b68efb9e8844d4
Sha256: 7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
                                        
                                            GET /search/portal.php?l=NglBRFMJOTRkMDFkOWExOTdkM2QwN2QwYTEzZjg1ODA4MzBjMWUJCTM1CQkzMQkJCTAJCQkyOTkyNTM3MjIJYwkwCQkJMTAyMAkJNgkyCTE1MzE4MTMzMjQJMAlOCTAJMAkwCQkJCQkJc2Vkb3BhcmtpbmcuY29tNWI0ZDlkY2M0ZDllYjEuNDkzMjMxODgJMAkJMQkwCTEyMDUJMjgwODA4Mzk4CQk3Ny40MC4xMjkuMTIz HTTP/1.1 
Host: sedoparking.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: application/json, text/javascript, */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
X-Requested-With: XMLHttpRequest
Referer: http://sedoparking.com/search/registrar.php?domain=ww1.apict.top&rpv=2&registrar=sedopark&gst=&ref=http://jumintenhairstyles.blogspot.com/
Cookie: NSC_tfep-83+63+5+01-91=ffffffff58cbef9845525d5f4f58455e445a4a423660

                                         
                                         72.52.4.90
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 17 Jul 2018 07:42:05 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Cache-Miss-From: parking-6c5f49b8f4-r9274
Server: NginX
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1197
Md5:    e3035a7599c4863af4b79c1af4f3802a
Sha1:   0bf555c0fb8c3f35894415957238119899a1d6e7
Sha256: 38075b6455cb9270020431ed7fcddf9efba09b9c21bfd63c9a75534f11e6d5a1
                                        
                                            GET /search/rl.php?rlt=1531813324d99f038aacfae069bde8f3828ae65ed2&callback=jsonp1531813324959 HTTP/1.1 
Host: sedoparking.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/javascript, application/javascript, */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
X-Requested-With: XMLHttpRequest
Referer: http://sedoparking.com/search/registrar.php?domain=ww1.apict.top&rpv=2&registrar=sedopark&gst=&ref=http://jumintenhairstyles.blogspot.com/
Cookie: NSC_tfep-83+63+5+01-91=ffffffff58cbef9845525d5f4f58455e445a4a423660

                                         
                                         72.52.4.90
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 17 Jul 2018 07:42:05 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Cache-Miss-From: parking-6c5f49b8f4-r9274
Server: NginX
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   59
Md5:    5fe8f3d31f65ccc073aba66b689a9e20
Sha1:   bc05c57885bf1b856b64f99273a3a97bfde33246
Sha256: d8d27f70599c6d61798ca291d17843af792011d5d44ee22c290044b35b9fa7dc
                                        
                                            GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1689527187&utmhn=sedoparking.com&utmcs=UTF-8&utmsr=1176x885&utmvp=20x20&utmsc=24-bit&utmul=en-us&utmje=1&utmfl=10.0%20r45&utmdt=apict.top%C2%A0-%C2%A0%20Resources%20and%20Information.&utmhid=1792486482&utmr=http%3A%2F%2Fww1.apict.top%2F&utmp=1020%2F2&utmht=1531813325129&utmac=UA-19309218-3&utmcc=__utma%3D1.2143296599.1531813325.1531813325.1531813325.1%3B%2B__utmz%3D1.1531813325.1.1.utmcsr%3Dww1.apict.top%7Cutmccn%3D(referral)%7Cutmcmd%3Dreferral%7Cutmcct%3D%2F%3B&utmjid=1469303280&utmredir=1&utmu=qhCAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sedoparking.com/search/registrar.php?domain=ww1.apict.top&rpv=2&registrar=sedopark&gst=&ref=http://jumintenhairstyles.blogspot.com/

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Access-Control-Allow-Origin: *
Date: Tue, 17 Jul 2018 07:42:05 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Server: Golfe2
Content-Length: 35


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            GET /search/tsc.php?200=Mjk5MjUzNzIy&21=NzcuNDAuMTI5LjEyMw==&681=MTUzMTgxMzMyNGJiMmNlZjNjMDBlNGZjMWU5NTZlYjU5NzZkNjA0NDJm&crc=b72fe20342f3c046d4bc8df006e1d266674b10be&cv=1 HTTP/1.1 
Host: sedoparking.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
X-Requested-With: XMLHttpRequest
Referer: http://sedoparking.com/search/registrar.php?domain=ww1.apict.top&rpv=2&registrar=sedopark&gst=&ref=http://jumintenhairstyles.blogspot.com/
Cookie: NSC_tfep-83+63+5+01-91=ffffffff58cbef9845525d5f4f58455e445a4a423660

                                         
                                         72.52.4.90
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 17 Jul 2018 07:42:05 GMT
Content-Length: 0
X-Cache-Miss-From: parking-6c5f49b8f4-dk8wq
Server: NginX


--- Additional Info ---
                                        
                                            GET /search/registrar.php?domain=ww1.apict.top&rpv=2&registrar=sedopark&gst=&ref=http://jumintenhairstyles.blogspot.com/ HTTP/1.1 
Host: sedoparking.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://ww1.apict.top/
Cookie: NSC_tfep-83+63+5+01-91=ffffffff58cbef9845525d5f4f58455e445a4a423660

                                         
                                         72.52.4.90
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 17 Jul 2018 07:42:05 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_TLudyQxQUaRg3q0ZPW15drXZq44XHNzJd6lY7KryhTSmvG7/hZOic8e1cHLRyYYy5aukRJpdnbZT3jYhhnuNjg==
Set-Cookie: tu=a4451f303707d1f3e47e5acb65828055; expires=Tue, 31-Dec-2019 23:00:00 GMT; Max-Age=46019876; path=/; domain=apict.top; httponly
Last-Modified: Tue, 17 Jul 2018 07:42:04 GMT
X-Cache-Miss-From: parking-6c5f49b8f4-kxcqd
Server: NginX
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   8254
Md5:    b29b4c5ad71049e6349cf4baa6d26b6f
Sha1:   3c5d14833c84bdfa76175692310d88b8d7c354c6
Sha256: 8e1b5cccf5a77f544b9cb665a5a7df29d7d8a54b149012c8e09da5c6a26779fd
                                        
                                            GET /search/portal.php?l=NglBRFMJNzU3ODQyNDAzY2UyZjA2ZWE5NDVhN2I3YTJhZTU0NmIJCTM1CQkzMQkJCTAJCQkyOTkyNTM3MjIJYwkwCQkJMTAyMAkJNgkyCTE1MzE4MTMzMjUJMAlOCTAJMAkwCQkJCQkJc2Vkb3BhcmtpbmcuY29tNWI0ZDlkY2NlNmYyZTYuMjkwOTQxODEJMAkJMQkwCTEyMDUJMjgwODA4Mzk4CQk3Ny40MC4xMjkuMTIz HTTP/1.1 
Host: sedoparking.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: application/json, text/javascript, */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
X-Requested-With: XMLHttpRequest
Referer: http://sedoparking.com/search/registrar.php?domain=ww1.apict.top&rpv=2&registrar=sedopark&gst=&ref=http://jumintenhairstyles.blogspot.com/
Cookie: NSC_tfep-83+63+5+01-91=ffffffff58cbef9845525d5f4f58455e445a4a423660; __utma=1.2143296599.1531813325.1531813325.1531813325.1; __utmb=1.1.10.1531813325; __utmc=1; __utmz=1.1531813325.1.1.utmcsr=ww1.apict.top|utmccn=(referral)|utmcmd=referral|utmcct=/; __utmt=1

                                         
                                         72.52.4.90
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 17 Jul 2018 07:42:05 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Cache-Miss-From: parking-6c5f49b8f4-s4t99
Server: NginX
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1197
Md5:    e3035a7599c4863af4b79c1af4f3802a
Sha1:   0bf555c0fb8c3f35894415957238119899a1d6e7
Sha256: 38075b6455cb9270020431ed7fcddf9efba09b9c21bfd63c9a75534f11e6d5a1
                                        
                                            GET /search/tsc.php?200=Mjk5MjUzNzIy&21=NzcuNDAuMTI5LjEyMw==&681=MTUzMTgxMzMyNTI3N2UxZGNlZTY0ZjNiMWNmYjYwMGJmMjRkMDA5MjEx&crc=e836a5591fe9aad36b24ed99a0ab55c4f17199a8&cv=1 HTTP/1.1 
Host: sedoparking.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
X-Requested-With: XMLHttpRequest
Referer: http://sedoparking.com/search/registrar.php?domain=ww1.apict.top&rpv=2&registrar=sedopark&gst=&ref=http://jumintenhairstyles.blogspot.com/
Cookie: NSC_tfep-83+63+5+01-91=ffffffff58cbef9845525d5f4f58455e445a4a423660; __utma=1.2143296599.1531813325.1531813325.1531813325.1; __utmb=1.1.10.1531813325; __utmc=1; __utmz=1.1531813325.1.1.utmcsr=ww1.apict.top|utmccn=(referral)|utmcmd=referral|utmcct=/; __utmt=1

                                         
                                         72.52.4.90
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 17 Jul 2018 07:42:05 GMT
Content-Length: 0
X-Cache-Miss-From: parking-6c5f49b8f4-wvz8k
Server: NginX


--- Additional Info ---
                                        
                                            GET /search/rl.php?rlt=1531813325fa4cce5493df028e99589dbb710c3e4a&callback=jsonp1531813325549 HTTP/1.1 
Host: sedoparking.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/javascript, application/javascript, */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
X-Requested-With: XMLHttpRequest
Referer: http://sedoparking.com/search/registrar.php?domain=ww1.apict.top&rpv=2&registrar=sedopark&gst=&ref=http://jumintenhairstyles.blogspot.com/
Cookie: NSC_tfep-83+63+5+01-91=ffffffff58cbef9845525d5f4f58455e445a4a423660; __utma=1.2143296599.1531813325.1531813325.1531813325.1; __utmb=1.1.10.1531813325; __utmc=1; __utmz=1.1531813325.1.1.utmcsr=ww1.apict.top|utmccn=(referral)|utmcmd=referral|utmcct=/; __utmt=1

                                         
72.52.4.90
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Tue, 17 Jul 2018 07:42:05 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Cache-Miss-From: parking-6c5f49b8f4-m8psl
Server: NginX
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   59
Md5:    c19ff320ec4da2c7241fdcadccb0213c
Sha1:   c13242413223986589f095d0096e5293a3ecc4e6
Sha256: 1ac2d491ec5468751d85859fbffb7490eb59fb521619ae7887dcf35e24810fd6

GET /__utm.gif?utmwv=5.7.2&utms=2&utmn=126281701&utmhn=sedoparking.com&utmcs=UTF-8&utmsr=1176x885&utmsc=24-bit&utmul=en-us&utmje=1&utmfl=10.0%20r45&utmdt=apict.top%C2%A0-%C2%A0%20Resources%20and%20Information.&utmhid=1976785878&utmr=http%3A%2F%2Fww1.apict.top%2F&utmp=1020%2F2&utmht=1531813325658&utmac=UA-19309218-3&utmcc=__utma%3D1.2143296599.1531813325.1531813325.1531813325.1%3B%2B__utmz%3D1.1531813325.1.1.utmcsr%3Dww1.apict.top%7Cutmccn%3D(referral)%7Cutmcmd%3Dreferral%7Cutmcct%3D%2F%3B&utmjid=&utmu=qhCAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://sedoparking.com/search/registrar.php?domain=ww1.apict.top&rpv=2&registrar=sedopark&gst=&ref=http://jumintenhairstyles.blogspot.com/

                                         
216.58.211.14
HTTP/1.1 200 OK
Content-Type: image/gif
Access-Control-Allow-Origin: *
Date: Mon, 02 Jul 2018 16:09:32 GMT
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Server: Golfe2
Content-Length: 35
Cache-Control: no-cache, no-store, must-revalidate
Age: 1265553


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015